The various options contained within Application Settings allow Users to configure global preferences and settings for their system. These settings are only available for update by users with the Administrator role at the System project folder level.
NOTE: For all Application Settings, you may click on the higher level concept (e.g. “Email”) to see a list of settings for edit, or you may click on a sub-level concept such as “IMAP”. Once you have clicked on the left pane, clicking on the 
Edit App Setting icon on the right pane will bring up the edit frame for that Application.
Bounced Email Processing
Bounced Email Processing is utilized in Illume Email Jobs. This processing determines what should occur when an email sent to a participant is not successfully received. These settings are configurable for the entire system, but only affect Illume-only protocol, i.e. studies not utilizing Discovery. Studies using Discovery and email communications through Discovery are not affected by these settings.
Contains settings for:
- Force Deletion of Bounced Email Messages – specifies whether bounced back emails that are stored in the ‘bounce back’ inbox be automatically deleted
- Bounced Email Message Forward Address – allows users to specify an email address to forward all email messages to that get bounced back
- Bounced Email Message Forwarding – whether or not to enable email message forwarding
- Enable Bounced Email Processing – whether or not to enable bounce back email processing
Email Service
This is an application that runs as a Windows Service which sends email for both Illume and Discovery and processes bounced back e-mail for Illume. This service connects to the SMTP server specified in Email Application Settings.
Users may turn on or off the Email service that is created at install by manipulating the Enable Email Service Application Setting.
IMAP
The Internet Message Access Protocol (IMAP) is one of the Internet standard protocols for email retrieval. IMAP can be used to process bounced back email messages from the Illume system and can be accessed via TLS or SSL (use ‘Read Email Provider’ setting for ‘Version 2’ to utilize this functionality).
Contains settings for:
- IMAP Username
- IMAP Authentication Mode
- IMAP Mailbox
- IMAP Password
- IMAP Port
- IMAP Secure Protocol
- IMAP Server
POP3
The Post Office Protocol (POP) is one of the Internet standard protocols for email retrieval. POP can be used to process bounced back e-mail messages from the Illume system and can be accessed via TLS or SSL (use ‘Read Email Provider’ setting for ‘Version 2’ to utilize this functionality).
Contains settings for:
- POP3 Username
- POP3 Password
- POP3 Port
- POP3 Secure Protocol
- POP3 Server
Read Email
The DatStat Email Service can read email inboxes to process bounced back e-mail messages.
Contains settings for:
- Read Email Provider – Either Version 1 or Version 2. Version 2 supports the use of IMAP as well as TLS and SSL for both POP3 and IMAP.
- Read Email Server – Whether to use IMAP or POP3 to read in bounced emails.
Send Email
Contains settings for:
- Send Email Default From Address – The e-mail address to mark messages as ‘from’ by default. Customers hosted at DatStat can configure one and only one mail from address. Self-hosted customers may configure multiple from addresses.
- Send Email Provider – Either Version 2 or Version 2. Version 2 supports the use of TLS or SSL to send e-mails.
- Send Email Return Path –
SMTP
Contains settings for:
- SMTP Username
- SMTP Password
- SMTP Port
- SMTP Secure Protocol
- SMTP Server
Security
Account Lockout Settings
These settings are used to determine whether or not the system should enforce account lockout security measures and to what extent those measures should be carried out. Administrators for the entire Discovery/Illume installation have the ability to set these settings.
Contains settings for:
- Account Auto Lockout Period – if enabled, this sets the amount of time, in days, after which an inactive user’s account will be locked and will require a user with the Administrator role to unlock unlock the user’s account
- Account Lockout Duration – if enabled, this sets the amount of time, in minutes, that users will be lockout out of their accounts and unable to login
- Account Lockout Observation Window – if enabled, this sets the period, in minutes, over which failed login attempts will count against the account lockout threshold setting
- Account Lockout Threshold – if enabled, this sets the number of failed login attempts allowed on the system before users are locked out of their accounts
LDAP Settings
LDAP authentication is used to validate users against your Active Directory infrastructure. Active Directory Authentication is for authentication only and does not use group memberships or other user attributes in any way.
Adding LDAP Information
Follow the steps below to LDAP information into Illume
- Login to your Illume instance
- Drill down to DatStat Server > Application Settings > Security
- LDAP Path: A URL that points to your organization’s LDAP service in the following format :
- LDAP://servername.domain.ext/OU=OrgUnit,OU=SubUnit,DC=Domain,DC=ext
- For Example : LDAP://host1.domain.com/OU=MyUsers,OU=Interviewers,DC=domain,DC=com
- LDAP User: If the LDAP service is secured with username and password, enter the username of the account that will read AD information from your LDAP environment: domain\user
- LDAP Password: If the LDAP service is secured with username and password, enter the password for the account
Creating an LDAP User
DatStat’s LDAP integration allows management of the password used to access the system, however all DatStat users must still be a defined User in the DatStat system. The DatStat system controls access and privileges via user roles and user groups.
Follow the steps below to create an LDAP User
- Log into your Illume Instance
- Drill down to DatStat Server > Users
- Click Take Action > Add User
- On the Add User screen:
- check the LDAP User checkbox
- In the Username field enter the LDAP username
- Enter the remaining information, configure roles, etc.
- Click OK
Password Policies
Administrators for the entire Discovery/Illume installation have the ability to set the password security restrictions for the installation. The restriction options include:
Password Minimum Length
If enabled, this setting allows the administrator to set the minimum number of characters required for User passwords.
Require Complex Password
If enabled, this setting requires each user of the system to use a strong password when accessing the system.
Strong Password requirements include:
- The password must not contain the account name or parts of the User’s full name that exceed 2 characters in length
- The password must be at least “x” characters in length – where “x” is the number set in Minimum length
- The password must contain characters from at least 3 out of the 4 following criteria:
- Uppercase characters (A through Z)
- Lowercase characters (a through z)
- Numeric characters (0 through 9)
- Punctuation or symbol characters (examples: #, $%!&*)
See Microsoft Online Safety for additional information on best practices on password creation: http://www.microsoft.com/protect/fraud/passwords/create.aspx
Password Maximum Age
If enabled, this setting allows the Administrator to set the maximum number of days before the User password needs to be changed.
Password History
If enabled, this setting allows the Administrator to set the maximum number of times a different password must be used before a specific password can be repeated.
SMS Messaging
Settings for enabling SMS Messaging. Requires purchase of blocks of text messages from DatStat’s gateway provider 2SMS. Once those have been purchased, 2SMS provides the information that must be entered within this section of the interface in order to enable text messaging in the DatStat system. At present DatStat only supports SMS Messaging with one provider (http://www.2sms.com/). An account with this provider would need to be obtained to configure and use this functionality.
The functionality provided is One Way Text Messaging, with messages of up to 160 character. Bounce back monitoring/Provider is provided by the SMS Gateway Provider. There is no communication from/integration between the Gateway Provider and DatStat, i.e. the receipt status of a text message is not communicated to DatStat.
Enabling SMS Messaging:
To enable SMS messaging, the SMS Account Settings in the Enterprise Manager will need to be updated.
- In the Enterprise Manager expand the Applications Directory
- Click on SMS Messaging to open the configuration window to the right
- Click on each of the Edit App Settings icons to configure
- Once finished with each Click Save and OK
Fields for Configuration
Enable SMS Message Service – Yes/No
SMS Message Provider Account – Account purchased with supported provider
SMS Message Provider Password – Password associated with purchased Account
SMS Message Provider URL – http://www.2sms.com/xml/xml.jsp Currently the only supported URL
System Defaults
Users with the Administrator Role can set default system locality and timezone through the following options:
Default System Locale
Locale controls the language displayed on the system.
Default System Time Zone
Time Zone controls how dates and times are displayed and validated across the system.